Last month heralded many milestones and events for those of us who tend to a bit of the geeky side of watching the political and regulatory landscape. I started and ended the month of April in Washington D.C. – The District that heralded early cherry blossoms, and later snowstorms, a precursor hint to a blustery month.
I kicked off the month at the Global Data Privacy Summit, and ended with attending IBAT’s 24th annual Congressional Visit in conjunction with the Independent Community Bankers Association’s Washington Policy Summit. In between that book end of policy focused networking, even attending “TechProm”, the annual Center For Democracy & Technology (CDT) dinner, believe it or not substantive dialog on real regulatory topics started to happen. The Global Data Protection Regulation (GDPR) was finally approved; the HR 699 or the Email Privacy Act was amended and passed unopposed by the House for promoting email privacy rights while multiple proposals focused on reducing the regulatory burden for community banks.
As if this year’s wacky election cycle has created a media circus of all proportions, it got me to wonder in this Digital Age, how do we achieve practical solutions to real problems?
While the privacy and banking conferences focused on different problems; I saw common themes to implications to big data and the emergence of new definitions of privacy from these seemingly disparate vantage points. The pace of technology change makes creating meaningful regulations difficult to achieve. The sheer volume and complexity of complying with the vast array of requirements creates a cost burden that cannot be balanced between Wall Street, the Big Banks, and the community banks of Rural America.
I admit it – I’m a doodler or random note-taker when I attend conferences, or take classes. Sometimes, I jot down a long list of to-do’s or takeaways, but this past month, I tended to focus more on questions that got me to wondering how we navigate the barrage of changes driven by privacy and regulation.
- Who are you may sound like a question used in authentication, but the burden to community banks for data collection, call reports, and lending, makes me wonder what regulators do with all of the information collected?
- What is your personal definition of Personally Identifiable Information?
- How private is your mobile device, when the Electronic Communications Privacy Act of 1986 allows access by law enforcement to data without a search warrant?
- Why do new oversight rules in telemarketing still rely on the definition of a rotary phone as the only carve out from auto-dialer marketing compliance?
- When you use your mobile devices, do you know where your data is and how many third parties access, process, or transfer your information to give you a personalized digital experience?
Alec Ross’s book Industries of the Future compared how our economy has evolved with a focus on understanding our nation’s assets. Raw materials and things we value have evolved along with technology transformation. Land was the primary resource during the Agricultural Age; Iron was the key element in the Industrial Age, while Data is the asset of the Information Age.
By the Numbers – Wacky Factoids
Privacy in the Information Age
- 1021 is the ratio of how rapidly data is growing. If you look from the Cave Man age to 2003; and all the data the world collected; we are now equaling the same amount of data created every 2 days. It’s expected that within 4 years the world will go from 16 billion to 40 billion internet connected devices. Digital data collection will expand that ratio even faster!
- Cybersecurity and breach fatigue have hit consumers. Last year data breaches created a combined theft of over 1 billion records of personal identifiable information. Ponemon’ s annual data breach survey showed that the average total cost of a data breach increased 23 percent over the past two years to $3.79 million. The average cost per record containing sensitive and confidential information increased 6 percent, jumping from $145 in 2014 to $154 in 2015.
- Roughly 40% of American households no longer have a landline phone. Enforcement in the telemarketing space is growing with 3,710 TCPA lawsuits were filed in 2015, representing an increase of 45% over 2014. That is the 8th year in a row where the number of TCPA suits increased from the preceding year.
- About 26% of online U.S. adults use an ad-blocker service to block content. Players like Google and Facebook are considering testing models with pay for service that reduces the ad content on “free” services.
Banking in the Information Age
Snow showers in April may be rare, but they can create an avalanche of impact to the unexpected. The Data avalanche that is occurring in today’s Privacy and Banking space needs a thoughtful data governance plan. The power in the numbers is that as consumers become more empowered, they enforce privacy preferences for how they want to be contacted, how they want content shared, and how they want to participate in digital marketing. As technology morphs, the rise of FinTech is introducing disrupters who can bypass the traditional banking relationship, with digital payments. The sheer volume of data being collected in the digital landscape combined with the data collected by banks and regulators creates the need for a roadmap for information governance.
The pace of technology change will allows be faster than the adoption of new regulatory frameworks. It takes policy wonks to monitor and analyze privacy and banking in the Information Age, but the time to adopt thoughtful regulation takes time. Key priorities need to take a risk-based approach to provide some relief to smaller organizations.
So April was a wacky and wonky month, and as a long-term resident of the Twin Cities, and college student in the 1980’s Twin Cities music scene, I reflect back that April will always be a reminder that Sometimes it Snows in April will never be far from my memory.
Linnea Solem Chief Privacy Officer, Vice President Risk and Compliance for Deluxe Corporation is a former Chair of the Shared Assessments Program. Linnea is a management professional with 20+ years financial services experience in areas eCommerce, technology, business development, marketing, information practices and risk management. She is a Certified Information Privacy Professional and led Deluxe’s compliance initiatives for Y2K, GLB, Check 21, and Red Flags Legislation. You can connect with Linnea on LinkedIn.
Reposted with permission from Deluxe Blogs